Commit 04097d32 authored by Volker Krause's avatar Volker Krause
Browse files

Fix decoding of zero size BER elements

parent 090639e5
......@@ -52,6 +52,7 @@ private Q_SLOTS:
QTest::newRow("primitive type") << QByteArray::fromHex("020142") << 0x02u;
QTest::newRow("extended type") << QByteArray::fromHex("1F420142") << 0x1F42u;
QTest::newRow("zero size") << QByteArray::fromHex("0200") << 0x02u;
}
void testBerElementType()
......@@ -78,6 +79,8 @@ private Q_SLOTS:
QTest::newRow("2 byte extended size") << b << 256;
QTest::newRow("variable length") << QByteArray::fromHex("0280420000") << 1;
QTest::newRow("zero size") << QByteArray::fromHex("0200") << 0;
}
void testBerElementContentSize()
......
......@@ -47,25 +47,25 @@ BER::Element::~Element() = default;
bool BER::Element::isValid() const
{
if (m_offset < 0 || m_dataSize <= 0 || m_offset + 2 >= m_dataSize) {
if (m_offset < 0 || m_dataSize <= 0 || m_offset + 2 > m_dataSize) {
return false;
}
// check type size
const auto ts = typeSize();
if (ts < 0 || ts >= 4 || m_offset + ts + 1 >= m_dataSize) {
if (ts < 0 || ts >= 4 || m_offset + ts + 1 > m_dataSize) {
return false;
}
// check size of length field
const auto ls = lengthSize();
if (ls <= 0 || ls >= 4 || m_offset + ts + ls >= m_dataSize) {
if (ls <= 0 || ls >= 4 || m_offset + ts + ls > m_dataSize) {
return false;
}
// check size of the content
const auto cs = contentSize();
return cs > 0 && m_offset + ts + ls + cs <= m_dataSize;
return cs >= 0 && m_offset + ts + ls + cs <= m_dataSize;
}
int BER::Element::typeSize() const
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment